A reminder that this latest ransomware attack (#Petya) is made possible by #NSA-developed exploits #ETERNALBLUE and #ETERNALROMANCE (the former used in #WannaCry)---exploits that the government decided to hoard as 0days instead of notifying Microsoft to fix the issues. Instead of helping to protect the United States and its allies, it has made us far less safe. Petya and WannaCry are products of its negligence.

This issue goes back to the #VEP (the Vulnerabilities Equities Process)---the supposed process that is used by the government to determine whether to disclose to weaponize exploits. If WannaCry didn't spur enough discussion, let's hope this does.

My personal IT defense system protects me better that the system in place at the Russian ministry of internal affairs. It also seems that the documents I keep at home are safer than than medical records at the NHS. Their incompetence makes me #wannacryabout 9 months agofrom somsants.netpermalink

As much as @FSF wants to blame Windows, or Microsoft wants to blame the NSA, and the NSA wants to blame hackers, some of the fault of the disruption caused by #WannaCry is the fault of IT Managers who keep buying Windows. Market demand has to ask for diversity, it's not going to appear by itself.about 9 months agofrom sn.jonkman.capermalink